72 matches found
CVE-2018-10521
In CMS Made Simple CMSMS through 2.2.7, the "file move" operation in the admin dashboard contains an arbitrary file movement vulnerability that can cause DoS, exploitable by an admin user, because config.php can be moved into an incorrect directory...
CVE-2018-10521
CMS Made Simple (CMSMS) prior to version 2.2.7 contains an arbitrary file movement vulnerability in the admin dashboard’s “file move” operation. This issue can be exploited by an admin user to cause a denial of service by moving the config.php file into an incorrect directory. Root cause: the fil...
Seagate Personal Cloud allows moving of arbitrary files
Abstract Seagate Personal Cloud is a consumer-grade Network-Attached Storage device NAS. It was found that the web application used to manage the NAS contains a vulnerability that allows an unauthenticated attacker to move arbitrary files. The move operation is done with root privileges, which...
WordPress < 4.5.2 Multiple Vulnerabilities (ImageTragick)
Binary data 9387.prm...
ImageMagick: File moving
It was discovered that certain ImageMagick coders and pseudo-protocols did not properly prevent security sensitive operations when processing specially crafted images. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an...
ImageMagick < 7.0.1-1 / 6.x < 6.9.3-10 Multiple Vulnerabilities (ImageTragick)
The remote Windows host has a version of ImageMagick installed that is prior to 7.0.1-1 or 6.x prior to 6.9.3-10. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability, known as ImageTragick, exists due to a failure to properly filter shell characte...
mojoportal - Multiple Vulnerabilities
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' Abysssec Inc Public Advisory Title : mojoportal Multiple Remote Vulnerabilities Affected Version : mojoPortal 2-3-4-3 Discovery :...
NSAG-200-24.02.2006.txt
Advisory: NSAG-¹200-24.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: ArGoSoft Mail Server Pro 1.8 IMAP Site of manufacturer: www.argosoft.com The status: 19/11/2005 - Publication is postponed...
NSA Group Security Advisory NSAG-№200-24.02.2006 Vulnerability ArGoSoft Mail Server Pro IMAP
Advisory: NSAG-№200-24.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: ArGoSoft Mail Server Pro 1.8 IMAP Site of manufacturer: www.argosoft.com The status: 19/11/2005 - Publication is postponed...
CVE-2004-1674
viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to 1 delete arbitrary files via the originalfolder parameter or 2 move arbitrary files via the messageid parameter...
CVE-2004-1674
The CVE-2004-1674 entry concerns Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 (and possibly other versions). The vulnerability is in viewaction.html, where input parameters originalfolder and messageid enable remote attackers to perform file operations. Specifically, attackers can delete a...
CVE-2004-1674
viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to 1 delete arbitrary files via the originalfolder parameter or 2 move arbitrary files via the messageid parameter...